eXtending Detection and Response to the Cloud: Why Fidelis Acquired CloudPassage

Earlier this month, Fidelis announced it acquired CloudPassage. It should come as no surprise to anyone that Fidelis is continuing to evolve our Active XDR platform with a solution that grows with our customers’ needs as they migrate more and more of the business to the cloud. CloudPassage’s Halo Cloud Security Platform provides a key component to expand our enterprise-class XDR platform capabilities in the cloud. 

As enterprises move to the cloud, it turns out security is the key enabler to making this transformation happen. In other words, as a security professional, you can get caught with a blind spot on the cloud, or you can enable the business to grow by securing cloud assets from DevOps through monitoring and compliance. 

Why CloudPassage? 

If you want to have eyes on all enterprise IT assets, you need eyes in the cloud. Not just one cloud, but also hybrid, complex, multi-cloud environments. Your data and assets are everywhere.  

Your first question should be, “what cloud assets do I have?”, followed by “are they in compliance with my regulations and policy?”, then followed by “are they under attack?”.   

CloudPassage helps our customers answer these questions. It also gives IT teams the ability to automatically remediate out-of-compliance cloud assets and detect attacks on cloud workloads. Over the last ten years, CloudPassage has pioneered and developed the best platform to discover cloud assets, monitor compliance with industry regulations and corporate policies, and to detect and respond to threats against cloud workloads. 

Our mid- to large-size customer base already have a combination of on-premises data centers, private cloud footprints, and managed cloud implementations (Google Cloud, Azure, or Amazon Web Services). Hybrid, multi-cloud environment creates significant challenges for security teams worldwide. Among the most pressing issues:  

• Discovering shadow IT in the cloud. It is no longer just IT staff spinning up new services. That means consistent security controls may not be in place. Since IT can’t defend assets that it doesn’t know about, the ability to quickly find and secure Shadow IT is imperative.  
• Understanding their vulnerability exposure. The industry calls this Cloud Security Posture Management (CSPM). Doing this for a single cloud service provider (CSP) is a challenge by itself. Doing this across multiple CSPs is nearly impossible for all but the largest security teams using the native CSP interfaces. Now add on-premises and private cloud deployments into the mix and this becomes not only unattainable for most firms, but extremely costly to build and maintain.  

CloudPassage has solved this problem with its Halo Cloud Security platform (see Figure 1). Not only does it provide cloud security posture management (CSPM), CloudPassage also built out a full cloud workload protection platform (CWPP) to monitor servers, containers and micro-services to find and automate responses to these threats. Halo eliminates the need to buy one tool for CSPM and another for CWPP. Instead, a single platform allows customers to discover, interrogate and understand cloud security posture, and monitor servers, containers and micro-services in the cloud.  

Figure 1: Fidelis CloudPassage Halo Cloud Security platform overview 

CloudPassage Halo, now Fidelis Halo, supports and enables digital transformation initiatives by ensuring they are secure-by-design, integrated into DevOps, continuously monitored for compliance, and protect against threats with built-in remediation and response playbooks. In a nutshell, the Halo platform provides: 

• Visibility – continuous asset discovery, interrogation, and inventory, unified across cloud environments and providers; 
• Security – OS and software configuration assessment, vulnerability management, threat detection, critical event collection, network traffic monitoring, micro-segmentation; and 
• Compliance – continuous monitoring for violations against industry best-practices and standards (PCI, HIPAA, SOC 2, CIS) including detailed remediation advice and REST API endpoints. 

What differentiates CloudPassage Halo is: 

• Unified – one platform for servers, containers and IaaS services across any mix of public, hybrid, and multi-cloud deployments; 
• Scalable – can start small, then keep up with explosive growth; 
• Automated – REST APIs and core features automate workflows; and 
• Integrated – deployed with infrastructure, built-in not bolted-on. 

The chart below both summarizes the CloudPassage Halo capabilities (Figure 2, within the red box). It also provides a guideline to build your own cloud security program: 

Figure 2. Fidelis CloudPassage Halo Cloud Security platform capabilities 

I am excited about the synergies between CloudPassage Halo and Fidelis Elevate, and their ability to serve the needs of the Fidelis’s customer base today and into the future. As I said earlier, security is the key enabler to digital transformation. We are confident that the tools and resources we are adding will provide the capabilities our customers are looking to secure the cloud and enable digital transformation. Integrating the Halo platform with the Fidelis Elevate platform, an Active XDR solution, will help our customers achieve full visibility across endpoint, network and multi-cloud environments in a single interface, while reducing the cost and burden of maintaining lots of separate silo’d tools.  

We look forward to delivering on our vision of Active XDR and continuing the journey with our customers.